Documents purportedly outlining a massive CIA surveillance program suggest that CIA agents must go to great lengths to circumvent encryption they can’t break. In many cases, physical presence is required to carry off these targeted attacks.
“We are in a world where if the U.S. government wants to get your data, they can’t hope to break the encryption,” said Nicholas Weaver, who teaches networking and security at the University of California, Berkeley. “They have to resort to targeted attacks, and that is costly, risky and the kind of thing you do only on targets you care about. Seeing the CIA have to do stuff like this should reassure civil libertarians that the situation is better now than it was four years ago.”